Last active
August 29, 2015 14:24
-
-
Save Ke-/4503ea25d68827a63858 to your computer and use it in GitHub Desktop.
Tweaked OAuth library from https://github.com/iamjono/lasso-oauth
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?lasso | |
| define oauth_consumer_key => 'key' | |
| define oauth_consumer_secret => 'secret' | |
| define oauth_request_token => 'requestkey' | |
| define oauth_request_secret => 'requestsecret' | |
| define oauth_access_token => 'accesskey' | |
| define oauth_access_secret => 'accesssecret' | |
| define oauth_realm => 'http://term.ie/' | |
| define oauth_request_endpoint => {return 'http://term.ie/oauth/example/request_token.php'} | |
| define oauth_access_endpoint => 'http://term.ie/oauth/example/access_token.php' | |
| define oauth_echo_endpoint => 'http://term.ie/oauth/example/echo_api.php' | |
| define oauth_userauth_endpoint => '' | |
| define intuit_token_endpoint => 'https://oauth.intuit.com/oauth/v1/get_request_token' | |
| define lasso_oauth => type { | |
| data public oauth_request_endpoint | |
| data public oauth_access_endpoint | |
| data public oauth_userauth_endpoint | |
| data public oauth_consumer_key | |
| data public oauth_consumer_secret | |
| data public oauth_signature_method | |
| //The signature method the Consumer used to sign the request. | |
| data public oauth_signature | |
| //The signature as defined in Signing Requests. | |
| data public oauth_timestamp | |
| //As defined in Nonce and Timestamp. | |
| data public oauth_nonce | |
| //As defined in Nonce and Timestamp. | |
| data public oauth_version | |
| //OPTIONAL. If present, value MUST be 1.0 . Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. Service Providers' response to non-1.0 value is left undefined. | |
| data public oauth_callback | |
| //An absolute URL to which the Service Provider will redirect the User back when the Obtaining User Authorization step is completed. If the Consumer is unable to receive callbacks or a callback URL has been established via other means, the parameter value MUST be set to oob (case sensitive), to indicate an out-of-band configuration. | |
| data public oauth_token = '' | |
| data public oauth_token_secret = '' | |
| data public oauth_verifier = '' | |
| data public curr_arguments | |
| data public realmID = '' | |
| data public mytagname::tag | |
| public onCreate() => { | |
| .'oauth_consumer_key' = oauth_consumer_key | |
| .'oauth_signature_method' = 'HMAC-SHA1' | |
| .'oauth_request_endpoint' = oauth_request_endpoint | |
| .'oauth_access_endpoint' = oauth_access_endpoint | |
| session_start('ipp_oauth_ua', -useCookie, -expire=15) | |
| if(var_defined('oauth_keys')) | |
| .'oauth_token' = $oauth_keys->find('ua_token') | |
| .'oauth_token_secret' = $oauth_keys->find('ua_secret') | |
| /if | |
| } | |
| public updatekeys(consumer_key, consumer_secret, sig_method) => { | |
| .'oauth_consumer_key' = #consumer_key | |
| .'oauth_consumer_secret' = #consumer_secret | |
| .'oauth_signature_method' = #sig_method | |
| } | |
| public updateendpoints(request='', access='', userauth='', callback='' ) => { | |
| #request !='' ? .'oauth_request_endpoint' = #request | |
| #access !='' ? .'oauth_access_endpoint' = #access | |
| #userauth !='' ? .'oauth_userauth'= #userauth | |
| #callback !='' ? .'oauth_callback' = #callback | |
| } | |
| public encodesig(p::any) => ( | |
| with i in bytes(#p->asString)->eachByte | |
| let b = (bytes->import8bits(#i)&) | |
| select ( | |
| (#i >= 65 && #i <= 90) || // upper case | |
| (#i >= 97 && #i <= 122) || // lower case | |
| (#i >= 48 && #i <= 57) || // 0 - 9 | |
| ((:45,46,95,126) >> #i) // -._~ | |
| ? #b | |
| | '%'+ #b->encodehex | |
| ) | |
| )->join('') | |
| public constructSig(endpoint, arguments, method, additional=array) => { | |
| local('sig_args' = #arguments->asCopy) | |
| #sig_args->merge(#additional) | |
| #sig_args->sort | |
| local('sig_string' = #method+'&'+.encodesig(#endpoint)+'&') | |
| local('temp_string' = '') | |
| #sig_args->foreachPair =>{ | |
| local('p' = #1->second) | |
| #temp_string += .encodesig(#p->first)+ '=' + .encodesig(#p->second) + '&' | |
| } | |
| #sig_string += .encodesig(#temp_string) | |
| #sig_string->removetrailing('%26') | |
| return #sig_string | |
| } | |
| public requestSPToken(method, callback ='') =>{ | |
| session_start('ipp_oauth_ua', -useCookie, -expire=5) | |
| local('arguments' = array('oauth_consumer_key' = .'oauth_consumer_key', | |
| 'oauth_signature_method' = .'oauth_signature_method', | |
| 'oauth_timestamp' = date()->asinteger, | |
| 'oauth_nonce' = encrypt_md5(date()->asinteger), | |
| 'oauth_version'= '1.0', | |
| 'oauth_callback' = encode_stricturl(.'oauth_callback') | |
| )) | |
| .'curr_arguments' = #arguments->asCopy | |
| local('sig_string' = .constructSig(.'oauth_request_endpoint', #arguments, #method)) | |
| if(.'oauth_signature_method' == 'HMAC-SHA1') | |
| local('enc_sig' = encrypt_HMAC(-password=(.'oauth_consumer_secret'+'&'+.'oauth_token_secret'), -token=#sig_string, -digest='SHA1', -base64)) | |
| else | |
| local('enc_sig' = '') | |
| log_critical('no sig method matches') | |
| /if | |
| #arguments->insert('oauth_signature' = encode_stricturl(#enc_sig)) | |
| /* | |
| //Create custom Authorization header | |
| local('authstring' = ' ') | |
| with key in #arguments | |
| do { | |
| #authstring+=(#key->first+'="'+#key->second+'", ') | |
| } | |
| #authstring->removetrailing(', ') | |
| local('auth_header' = array('Authorization' = 'OAUTH'+#authstring)) | |
| */ | |
| local('auth_header' = .createAuthHeader(#arguments)) | |
| local('tokenstring' = include_url(.'oauth_request_endpoint', -sendMIMEheaders=#auth_header, -options = array(CURLOPT_CUSTOMREQUEST='POST'))) | |
| /* | |
| select(#method) | |
| case('POST') | |
| local('tokenstring' = include_url(#requestURL, -sendMIMEheaders=#auth_header, -options = array(CURLOPT_CUSTOMREQUEST='POST'))) | |
| case('GET') | |
| local('tokenstring' = include_url(#requestURL, -GETparams=#arguments)) | |
| case('HEAD') | |
| local('tokenstring' = include_url(#requestURL, -sendMIMEheaders=#auth_header)) | |
| /select | |
| */ | |
| local('request_tokens' = #tokenstring->split('&')) | |
| if(#request_tokens->size == 2) | |
| .'oauth_token' = #request_tokens->get(1)->split('=')->get(2) | |
| .'oauth_token_secret' = #request_tokens->get(2)->split('=')->get(2) | |
| else | |
| local('tokens' = .parseTokenResponse(#tokenstring->asString)) | |
| .'oauth_token' = #tokens->find('oauth_token') | |
| .'oauth_token_secret' = #tokens->find('oauth_token_secret') | |
| !var_defined('oauth_keys') ? session_addvar('ipp_oauth_ua', 'oauth_keys') | |
| var('oauth_keys'=map('ua_token' = #tokens->find('oauth_token'), 'ua_secret' = #tokens->find('oauth_token_secret'))) | |
| return .'oauth_token' | |
| /if | |
| return .'oauth_token' | |
| } | |
| public userAuthRefer() => { | |
| redirect_url(.'oauth_userauth_endpoint'+'?oauth_token='+.'oauth_token') | |
| } | |
| public requestAccessToken(verifier, realmID, method) => { | |
| local('debug_string' = '') | |
| local('arguments' = array('oauth_consumer_key' = .'oauth_consumer_key', | |
| 'oauth_token' = .'oauth_token', | |
| 'oauth_signature_method' = 'HMAC-SHA1', | |
| 'oauth_timestamp' = date()->asinteger, | |
| 'oauth_nonce' = encrypt_md5(date()->asinteger), | |
| 'oauth_version'= '1.0', | |
| 'oauth_verifier'=#verifier | |
| )) | |
| #debug_string+=('<br> oauth token: '+.'oauth_token'+' key: '+.'oauth_consumer_key') | |
| local('additional' = array('realmID' = #realmID)) | |
| local('sig_string' = .constructSig(.'oauth_access_endpoint', #arguments, #method, #additional)) | |
| local('enc_sig' = encrypt_HMAC(-password=(.'oauth_consumer_secret'+'&'+.'oauth_token_secret'), -token=#sig_string, -digest='SHA1', -base64)) | |
| #debug_string+=('<br>Sig string: '#sig_string) | |
| #debug_string+=('<br>Enc Sig: '+#enc_sig) | |
| #arguments->insert('oauth_signature' = encode_stricturl(#enc_sig)) | |
| local('auth_header' = .createAuthHeader(#arguments, #realmID)) | |
| select(#method) | |
| case('POST') | |
| local('tokenstring' = include_url(.'oauth_access_endpoint', -sendMIMEheaders=#auth_header, -POSTparams= #additional)) | |
| case('GET') | |
| local('tokenstring' = include_url(.'oauth_access_endpoint', -GETparams=#arguments)) | |
| case('HEAD') | |
| local('tokenstring' = include_url(.'oauth_access_endpoint', -sendMIMEheaders=#arguments)) | |
| /select | |
| #debug_string+=('<br>AuthHeader: '+#auth_header) | |
| #debug_string+=('<br>Test string: '+#tokenstring) | |
| local('access_tokens' = #tokenstring->split('&')) | |
| if(false) | |
| local('tokens' = .parseTokenResponse(#tokenstring->asString)) | |
| .'oauth_token' = #tokens->find('oauth_token') | |
| .'oauth_token_secret' = #tokens->find('oauth_token_secret') | |
| return #debug_string | |
| else | |
| local('tokens' = .parseTokenResponse(#tokenstring->asString)) | |
| .'oauth_token' = #tokens->find('oauth_token') | |
| .'oauth_token_secret' = #tokens->find('oauth_token_secret') | |
| return #tokens | |
| /if | |
| return .'oauth_token' | |
| } | |
| public protectedRequest(request_url, method, request_args) => { | |
| local('debug_string' = 'tag Params: '+params+'<br>') | |
| local('arguments' = array('oauth_consumer_key' = .'oauth_consumer_key', | |
| 'oauth_token' = .'oauth_token', | |
| 'oauth_signature_method' = 'HMAC-SHA1', | |
| 'oauth_timestamp' = date()->asinteger, | |
| 'oauth_nonce' = encrypt_md5(date()->asinteger), | |
| 'oauth_version'= '1.0' | |
| )) | |
| #arguments->merge(#request_args) | |
| #debug_string+=('<br>args: '+#arguments+'<br>') | |
| //local('additional' = array('realmID' = .'realmID')) | |
| local('sig_string' = .constructSig(#request_url, #arguments, #method)) | |
| local('enc_sig' = encrypt_HMAC(-password=(.'oauth_consumer_secret'+'&'+.'oauth_token_secret'), -token=#sig_string, -digest='SHA1', -base64)) | |
| #debug_string+=('<br>sig: '+#sig_string+'<br>enc_sig: '+#enc_sig) | |
| #arguments->insert('oauth_signature' = encode_stricturl(#enc_sig)) | |
| local('auth_header' = .createAuthHeader(#arguments, .'realmID')) | |
| select(#method) | |
| case('POST') | |
| local('tokenstring' = include_url(#request_url, -sendMIMEheaders=#auth_header, -POSTparams=#arguments)) | |
| case('GET') | |
| local('tokenstring' = include_url(#request_url, -GETparams=#arguments)) | |
| case('HEAD') | |
| local('tokenstring' = include_url(#request_url, -sendMIMEheaders=#arguments)) | |
| /select | |
| #debug_string+=('<br>response: '+#tokenstring) | |
| if(false) | |
| return #debug_string | |
| else | |
| return #tokenstring | |
| /if | |
| } | |
| public curr_token_secret => .'oauth_token_secret' | |
| public parseTokenResponse(tokenresponse) => { | |
| local('token_array' = #tokenresponse->split('&')) | |
| local('tokensplit' = map()) | |
| with token in #token_array | |
| do { | |
| local('split' = #token->split('=')) | |
| #tokensplit->insert(#split->get(1) = #split->get(2)) | |
| } | |
| return #tokensplit | |
| } | |
| public createAuthHeader(arguments) => { | |
| //Create custom Authorization header | |
| local('authstring' = ' ') | |
| with key in #arguments | |
| do { | |
| #authstring+=(#key->first+'="'+#key->second+'", ') | |
| } | |
| #authstring->removetrailing(', ') | |
| local('auth_header' = array('Authorization' = 'OAUTH'+#authstring)) | |
| return #auth_header | |
| } | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment